<?php namespace Admin\Controller; 
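/**
 * Admin-side user controller: rejects requests without a logged-in session
 * and lets the current administrator change their own password.
 */
class UserController extends CommonController{
	/**
	 * Login gate. When the session carries no uid/username, sends the browser
	 * to the admin login page and stops the request.
	 *
	 * NOTE(review): nothing in this class calls __init(); presumably the
	 * framework or CommonController invokes it before each action — confirm,
	 * because changePwd() relies on $_SESSION['uid'] being set.
	 */
	public function __init(){
		if (!isset($_SESSION['uid']) || !isset($_SESSION['username'])) {
			// Redirect through parent.location so a page rendered inside a
			// frame sends the enclosing window to the login form.
			$str = <<<str
	<script type='text/javascript'>
	parent.location.href='index.php?m=Admin&a=Login';
	</script>
str;
			echo $str;die;
		}
	
	}
	
	/**
	 * Change the password of the logged-in user.
	 *
	 * On POST: validates the three submitted fields, verifies the old password
	 * against the stored value, stores the new one and destroys the current
	 * session so the user has to log in again. On any other request it renders
	 * the form.
	 *
	 * NOTE(review): no anti-CSRF token is checked here; the old-password
	 * requirement limits the impact, but confirm whether CommonController
	 * performs such a check.
	 */
	public function changePwd(){
		if (IS_POST) {
			// Read the submitted fields.
			$password = Q('post.password');
			$newpwd = Q('post.newPwd');
			$confirmPwd = Q('post.confirmPwd');
			// Require non-empty strings: this rejects array-valued parameters
			// before they reach encrypt(), and unlike empty() it does not
			// treat the literal password "0" as missing.
			foreach (array($password, $newpwd, $confirmPwd) as $field) {
				if (!is_string($field) || $field === '') {
					$this->error('旧密码或新密码都必须填写!');
					// Explicit return: do not depend on error() ending the
					// request (its implementation is not visible here).
					return;
				}
			}
			$model = new \Common\Model\User;
			$where = array('uid' => $_SESSION['uid']);
			// Load the stored record for the session's user.
			$user = $model->where($where)->find();
			// NOTE(review): encrypt() is defined on the model, outside this
			// file — confirm it is a salted, slow password hash.
			if (empty($user) || !isset($user['password'])
				|| !$this->hashMatches($user['password'], $model->encrypt($_SESSION['username'], $password))) {
				$this->error('旧密码错误');
				return;
			}
			// Strict comparison: loose != treats numeric-looking strings such
			// as "1e3" and "1000" as equal.
			if ($newpwd !== $confirmPwd) {
				$this->error('两次密码输入不一致');
				return;
			}
			// Store the new password.
			$data = array('password' => $model->encrypt($_SESSION['username'],$newpwd));
			// Assumes save() returns false on failure — TODO confirm against
			// the model. Without this check a failed write would still log the
			// user out and report success.
			if ($model->where($where)->save($data) === false) {
				$this->error('密码修改失败');
				return;
			}
			// Drop the current session so the new password must be used.
			// Only this session is destroyed; other sessions of the same
			// user, if any exist, are not touched here.
			session_unset();
			session_destroy();
			$this->success('修改成功');
			return;
		}
		$this->display();
	}

	/**
	 * Compare a stored password hash with a freshly computed one.
	 *
	 * Uses hash_equals() when the runtime provides it (constant-time), else a
	 * strict string comparison. Either way it avoids loose ==, under which two
	 * different "0e…"-style digests compare as equal numbers.
	 *
	 * @param mixed $stored    value read from the user record
	 * @param mixed $candidate value computed from the submitted password
	 * @return bool true only when both are strings and identical
	 */
	private function hashMatches($stored, $candidate){
		if (!is_string($stored) || !is_string($candidate)) {
			return false;
		}
		if (function_exists('hash_equals')) {
			return hash_equals($stored, $candidate);
		}
		return $stored === $candidate;
	}
}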
?>